Less than a month after the April 22nd release of Software.com’s major upgrade to Post.Office 3.0, we are pleased to announce further enhancements to Post.Office. With the new Post.Office 3.1 release, administrators gain the ability to deny the use of their mail server as a relay host using a variety of IP address and domain name restrictions. This upgrade also allows the ability to drop connection based on specified IP address, domain name, or user name in the message envelope.
The Post.Office 3.1 release is available now on the Web site.
‘Spamming’ refers to the act of sending unsolicited bulk e-mail messages. It is also known as Unsolicited Commercial Email (UCE). As the Internet has grown, spamming has become a problem that can seriously threaten the operations of service providers.
Service Providers Issues
There are two problems that service providers face with respect to incoming spam.
Their MTAs are being used to relay spam messages to recipients around the Internet.
Incoming spam messages to the service provider’s users can seriously tax the system, even overloading its capacity – this is known as denial of service.
Relay Spam Curbing
The issue of users from the outside using a service provider’s MTAs to relay their bulk mailings to the outside is probably the single biggest issue for ISPs today. The most effective solution to this problem is to disallow relaying by setting up internal (behind a firewall) MTAs and external MTAs. The external MTAs are published to the world in the ISP’s Mail Exchange record in DNS. The internal MTAs are only made available to the ISP’s clients. The internal MTAs are fully enabled to relay, while the external MTAs will only accept locally-hosted recipients. All other recipients will be rejected during the SMTP dialog. If a service provider only has one MTA, it can be set up to only relay for clients of a certain IP address range, thus eliminating the outside from using the MTA to relay.
Resilience to Denial of Service
When spam mail does come in, and it will even with relaying disallowed, the system must be resilient. There are two keys to this:
storage of a single copy of a message to multiple recipients.
The first means that a message with a lot of recipients will not be expensive to deliver. The second means that disk space will not be used up by the spam message. UNIX versions of Post.Office and InterMail support these features.